Automatic Detection and Healing of Vulnerabilities in Embedded Systems

Award Information
Agency: Department of Defense
Branch: Defense Advanced Research Projects Agency
Contract: W31P4Q-14-C-0084
Agency Tracking Number: D2-1300
Amount: $1,500,000.00
Phase: Phase II
Program: SBIR
Solicitation Topic Code: SB131-003
Solicitation Number: 2013.1
Timeline
Solicitation Year: 2014
Award Year: 2014
Award Start Date (Proposal Award Date): 2014-06-12
Award End Date (Contract End Date): 2017-02-16
Small Business Information
28 Dana Street, Amherst, MA, 01002
DUNS: 102221665
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Kristopher Carver
 Technical Director
 (413) 359-0599
 kris@bluerisc.com
Business Contact
 Mrs. Sylvia Moritz
Title: program manager
Phone: (617) 517-6324
Email: sylvia@bluerisc.com
Research Institution
N/A
Abstract
In this proposal, we outline a fundamentally new approach to enable autonomous detection of exploitation attempts as well as an on-demand healing of the targeted code.A new static vulnerability point characterization concept and associated runtime support enable exploit detection prior to compromise as well as healing at runtime. BlueRISCs solution detects the exploitation prior to the transfer of control.Additionally, this solution is rooted in a fundamental healing methodology that is capable of ensuring that a previously vulnerable code is no longer exploitable.The hybrid compiler-guided runtime approach enables low overhead that is ideal in embedded systems.

* Information listed above is at the time of submission. *

US Flag An Official Website of the United States Government